Oval Definition:oval:org.opensuse.security:def:70358
Revision Date:2021-03-09Version:1
Title:Security update for the Linux Kernel (Important)
Description:

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping (XSA-365 bsc#1181843). - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant mapping errors as bugs (XSA-362 bsc#1181753). - CVE-2021-26932: Fixed improper error handling issues in Linux grant mapping (XSA-361 bsc#1181747). by remote attackers to read or write files via directory traversal in an XCOPY request (bsc#178372). - CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write implementation which could have granted unintended write access because of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).

The following non-security bugs were fixed:

- kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082) - kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). - rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014) - rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014) %split_extra still contained two. - rpm/kernel-binary.spec.in: Fix compressed module handling for in-tree KMP (jsc#SLE-10886) The in-tree KMP that is built with SLE kernels have a different scriptlet that is embedded in kernel-binary.spec.in rather than *.sh files. - rpm/kernel-binary.spec.in: use grep -E instead of egrep (bsc#1179045) egrep is only a deprecated bash wrapper for 'grep -E'. So use the latter instead. - rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592) - rpm/kernel-obs-build.spec.in: Add -q option to modprobe calls (bsc#1178401) - rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082). - rpm/mkspec: do not build kernel-obs-build on x86_32 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one). - rpm/post.sh: Avoid purge-kernel for the first installed kernel (bsc#1180058) - xen/netback: avoid race in xenvif_rx_ring_slots_available() (bsc#1065600). - xen/netback: fix spurious event detection for common event case (bsc#1182175).
Family:unixClass:patch
Status:Reference(s):1065600
1163592
1172726
1173758
1174628
1178401
1178762
1179014
1179015
1179045
1179082
1179428
1179660
1180058
1181747
1181753
1181843
1182140
1182175
CVE-2020-13962
CVE-2020-14344
CVE-2020-29368
CVE-2020-29374
CVE-2021-26930
CVE-2021-26931
CVE-2021-26932
SUSE-SU-2020:2116-1
SUSE-SU-2020:2357-1
SUSE-SU-2021:0740-1
Platform(s):SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • libX11-1.6.5-3.6 is installed
  • OR libX11-6-1.6.5-3.6 is installed
  • OR libX11-6-32bit-1.6.5-3.6 is installed
  • OR libX11-data-1.6.5-3.6 is installed
  • OR libX11-devel-1.6.5-3.6 is installed
  • OR libX11-xcb1-1.6.5-3.6 is installed
  • OR libX11-xcb1-32bit-1.6.5-3.6 is installed
  • OR libxcb-1.13-3.5 is installed
  • OR libxcb-composite0-1.13-3.5 is installed
  • OR libxcb-damage0-1.13-3.5 is installed
  • OR libxcb-devel-1.13-3.5 is installed
  • OR libxcb-devel-doc-1.13-3.5 is installed
  • OR libxcb-dpms0-1.13-3.5 is installed
  • OR libxcb-dri2-0-1.13-3.5 is installed
  • OR libxcb-dri2-0-32bit-1.13-3.5 is installed
  • OR libxcb-dri3-0-1.13-3.5 is installed
  • OR libxcb-dri3-0-32bit-1.13-3.5 is installed
  • OR libxcb-glx0-1.13-3.5 is installed
  • OR libxcb-glx0-32bit-1.13-3.5 is installed
  • OR libxcb-present0-1.13-3.5 is installed
  • OR libxcb-present0-32bit-1.13-3.5 is installed
  • OR libxcb-randr0-1.13-3.5 is installed
  • OR libxcb-record0-1.13-3.5 is installed
  • OR libxcb-render0-1.13-3.5 is installed
  • OR libxcb-res0-1.13-3.5 is installed
  • OR libxcb-screensaver0-1.13-3.5 is installed
  • OR libxcb-shape0-1.13-3.5 is installed
  • OR libxcb-shm0-1.13-3.5 is installed
  • OR libxcb-sync1-1.13-3.5 is installed
  • OR libxcb-sync1-32bit-1.13-3.5 is installed
  • OR libxcb-xf86dri0-1.13-3.5 is installed
  • OR libxcb-xfixes0-1.13-3.5 is installed
  • OR libxcb-xfixes0-32bit-1.13-3.5 is installed
  • OR libxcb-xinerama0-1.13-3.5 is installed
  • OR libxcb-xinput0-1.13-3.5 is installed
  • OR libxcb-xkb1-1.13-3.5 is installed
  • OR libxcb-xtest0-1.13-3.5 is installed
  • OR libxcb-xv0-1.13-3.5 is installed
  • OR libxcb-xvmc0-1.13-3.5 is installed
  • OR libxcb1-1.13-3.5 is installed
  • OR libxcb1-32bit-1.13-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed
  • AND Package Information
  • libQt5OpenGLExtensions-devel-static-5.12.7-4.3 is installed
  • OR libQt5Sql5-mysql-5.12.7-4.3 is installed
  • OR libQt5Sql5-postgresql-5.12.7-4.3 is installed
  • OR libQt5Sql5-unixODBC-5.12.7-4.3 is installed
  • OR libqt5-qtbase-5.12.7-4.3 is installed
  • OR libqt5-qtbase-platformtheme-gtk3-5.12.7-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-150.69.1 is installed
  • OR kernel-default-base-4.12.14-150.69.1 is installed
  • OR kernel-default-devel-4.12.14-150.69.1 is installed
  • OR kernel-devel-4.12.14-150.69.1 is installed
  • OR kernel-docs-4.12.14-150.69.1 is installed
  • OR kernel-macros-4.12.14-150.69.1 is installed
  • OR kernel-obs-build-4.12.14-150.69.1 is installed
  • OR kernel-source-4.12.14-150.69.1 is installed
  • OR kernel-syms-4.12.14-150.69.1 is installed
  • OR kernel-vanilla-base-4.12.14-150.69.1 is installed
  • OR reiserfs-kmp-default-4.12.14-150.69.1 is installed
    • BACK